Mozilla's engineers are working on a Firefox Alert System, which will show security warnings to users visiting websites that have infringed data.
The alert system will use the data contained in the Have I Been Pwned, a website that includes all known data breaches and features a search for users who wish to see if their personal information (name, code access).
Jobs for this project have just begun, and the source code for displaying these warnings is not even included in the basic Firefox code but works separately as an add-on.
"[Breach Alerts] is an addon I'm going to use to prototype an upcoming Firefox feature that alerts users when their credentials may be involved in a data breach," said Mozilla engineer Nihanth Subramanya. description of the add-on.
The code for this add-on is available on GitHub and anyone who wishes can make a compile to pass it to Firefox. Please note that currently only Firefox is supported Developer Edition.
The add-on is still in early stages of development and alerts are currently enabled when the user visits a site that is included in the Have I Been Pwned public violation list.
This new warning system will surely shake off the companies that have been tampered with. Have I Been Pwned can offer the same service, but it's not the same. It's very different to display this information from a browser that uses millions of users and shows violations that have happened years ago.
"I'm working with Mozilla on this," he said Troy Hunt, the researcher behind Have I Been Pwned.
“We're looking at a few different models of how it might work, but the main takeaway is that there's an intention to show warnings about data exposed directly from the program tours,” says Hunt.
One thing is for sure that the Mozilla Foundation should pay special attention to how it will display the warnings. It should focus less on the security incident and put more emphasis on encouraging users to change their credentials on infringing websites.
See the add-on Breach Alerts